bitwarden/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server synced 2025-12-19 17:53:44 +00:00
Code Issues Releases Wiki Activity

Refactor Slack Callback Mechanism (#6388)

Browse Source 
* Refactor Slack Callback

* Add more safety to state param, clarify if logic, update tests

* Added an additional 2 possible cases to test: integration is not a slack integration, and the integration has already been claimed

* Implement SonarQube suggestion

* Adjusted org hash to include timestamp; addressed PR feedback
This commit is contained in:
Brant DeBow
2025-10-03 09:30:29 -04:00
committed by GitHub
parent 1dc4c327e4
commit cde458760c
11 changed files with 678 additions and 86 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
test/Core.Test/AdminConsole/Services/SlackServiceTests.cs
View File

@@ -2,6 +2,7 @@
using System.Net;
using System.Text.Json;
using System.Web;
using Bit.Core.Services;
using Bit.Test.Common.AutoFixture;
using Bit.Test.Common.AutoFixture.Attributes;
@@ -261,10 +262,19 @@ public class SlackServiceTests
var sutProvider = GetSutProvider();
var clientId = sutProvider.GetDependency<GlobalSettings>().Slack.ClientId;
var scopes = sutProvider.GetDependency<GlobalSettings>().Slack.Scopes;
var redirectUrl = "https://example.com/callback";
var expectedUrl = $"https://slack.com/oauth/v2/authorize?client_id={clientId}&scope={scopes}&redirect_uri={redirectUrl}";
var result = sutProvider.Sut.GetRedirectUrl(redirectUrl);
Assert.Equal(expectedUrl, result);
var callbackUrl = "https://example.com/callback";
var state = Guid.NewGuid().ToString();
var result = sutProvider.Sut.GetRedirectUrl(callbackUrl, state);
var uri = new Uri(result);
var query = HttpUtility.ParseQueryString(uri.Query);
Assert.Equal(clientId, query["client_id"]);
Assert.Equal(scopes, query["scope"]);
Assert.Equal(callbackUrl, query["redirect_uri"]);
Assert.Equal(state, query["state"]);
Assert.Equal("slack.com", uri.Host);
Assert.Equal("/oauth/v2/authorize", uri.AbsolutePath);
}
[Fact]